Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/656nYURxY3eIKKADyW7vtfz2QvE.roa
File: 656nYURxY3eIKKADyW7vtfz2QvE.roa (raw, json)
Hash identifier: WBUvRjg+A6FKpkAnfu2lffuT8cUZiY6w2S0wGvI5L/g=
Subject key identifier: EB:9E:A7:61:44:71:63:77:88:28:A0:03:C9:6E:EF:B5:FC:F6:42:F1
Certificate issuer: /CN=aa9c9c95a58c3811bda95dc83c2e487a200c4c25
Certificate serial: 018CC8DD9278A575F17BD39A8D31D4D9C4B9
Authority key identifier: AA:9C:9C:95:A5:8C:38:11:BD:A9:5D:C8:3C:2E:48:7A:20:0C:4C:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpyclaWMOBG9qV3IPC5IeiAMTCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/656nYURxY3eIKKADyW7vtfz2QvE.roa
Signing time: Tue 02 Jan 2024 06:30:13 +0000
ROA not before: Tue 02 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.55.188.0/24 maxlen: 24
185.55.190.0/24 maxlen: 24
185.55.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/qpyclaWMOBG9qV3IPC5IeiAMTCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/qpyclaWMOBG9qV3IPC5IeiAMTCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qpyclaWMOBG9qV3IPC5IeiAMTCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:92:78:a5:75:f1:7b:d3:9a:8d:31:d4:d9:c4:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9c9c95a58c3811bda95dc83c2e487a200c4c25
Validity
Not Before: Jan 2 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb9ea761447163778828a003c96eefb5fcf642f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:48:0f:f4:bd:ec:79:a5:1c:47:04:7d:6c:b1:
93:64:6d:17:dc:47:63:9b:a5:8d:5b:4b:cc:96:94:
ff:6b:e5:73:c2:1b:8c:62:9f:2a:2b:8d:33:0a:09:
5e:16:de:5f:7d:fa:c1:88:b6:fd:de:4b:38:b9:6d:
30:e4:c0:a8:92:ba:2a:96:33:63:56:45:14:33:2a:
72:18:81:d4:f4:a6:f6:ec:bd:bc:5a:09:8a:e3:05:
6a:c0:99:92:d1:3f:a5:01:bc:f5:f5:54:af:6e:33:
51:48:a8:5b:39:95:4a:c4:5d:36:01:ee:bb:a9:e4:
09:96:a5:6a:51:96:d3:c8:ab:a7:a0:ff:87:15:6d:
fb:fd:42:d2:f9:10:6d:9e:89:db:2d:68:ce:dd:4d:
e3:38:67:aa:07:44:55:78:d4:f3:eb:d3:b5:ca:7a:
25:2e:24:6e:7d:43:20:c3:9f:cb:ed:eb:d9:72:93:
3b:26:4e:05:85:73:f8:29:2d:bc:e3:46:bb:4a:37:
f7:25:c8:fd:55:cc:ac:f5:c2:da:14:eb:a0:be:f3:
c7:6a:d8:1e:a2:bf:40:e8:cd:0d:fd:8b:5e:83:ae:
0e:d2:64:3e:9e:02:a2:8c:cc:95:16:bc:b7:59:68:
c7:d4:8d:0e:e9:1e:0b:3e:b9:96:8c:6e:c8:9d:f4:
9e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9E:A7:61:44:71:63:77:88:28:A0:03:C9:6E:EF:B5:FC:F6:42:F1
X509v3 Authority Key Identifier:
keyid:AA:9C:9C:95:A5:8C:38:11:BD:A9:5D:C8:3C:2E:48:7A:20:0C:4C:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpyclaWMOBG9qV3IPC5IeiAMTCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/656nYURxY3eIKKADyW7vtfz2QvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/75a22e-ae95-4e93-943a-41a0676edd61/1/qpyclaWMOBG9qV3IPC5IeiAMTCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.188.0/24
185.55.190.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:4f:cd:77:b6:0d:08:ed:52:9e:bc:84:5d:39:08:4d:41:12:
59:49:46:e9:69:95:f2:98:25:94:d5:bc:a6:1f:6c:c4:55:df:
34:e4:fe:97:99:a3:5b:ac:76:87:3d:9f:8f:0f:40:c2:d7:c1:
44:62:b5:c4:e8:c2:94:76:c1:02:21:8d:7d:25:cc:f3:9b:00:
ae:8f:4a:64:dd:a5:c6:28:32:f0:ee:89:e0:f2:8b:3e:fe:62:
73:ed:bc:51:dc:b5:c3:03:c4:12:eb:99:c0:dc:af:c4:71:fd:
73:50:13:88:00:5d:e2:92:e2:c2:13:1a:3d:91:6b:4b:ef:b4:
91:8b:05:6b:ec:b2:00:18:2c:b1:32:6c:22:67:4e:69:29:8d:
bb:8c:23:f2:94:c7:fb:0d:ad:38:bd:51:29:1a:12:f6:cd:55:
58:b5:8c:25:4f:ca:83:b4:67:43:64:c3:12:a7:3f:03:93:0e:
e5:7e:6f:fa:67:94:28:e8:25:7a:73:28:1e:d5:74:2e:b8:89:
1c:d0:52:a5:fd:0e:99:81:00:af:be:b7:b4:2a:98:25:c5:c3:
bf:24:df:1e:0f:1a:c4:d9:38:39:86:be:ad:1a:5b:1c:c0:f9:
60:e5:1e:49:8a:a6:bc:5e:25:0b:15:76:ec:81:54:ad:16:2c:
40:12:dc:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3ZJ4pXXxe9OajTHU2cS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWM5Yzk1YTU4YzM4MTFiZGE5NWRjODNjMmU0ODdhMjAw
YzRjMjUwHhcNMjQwMTAyMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjllYTc2MTQ0NzE2Mzc3ODgyOGEwMDNjOTZlZWZiNWZjZjY0MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUgP9L3seaUcRwR9bLGTZG0X3Edj
m6WNW0vMlpT/a+VzwhuMYp8qK40zCgleFt5fffrBiLb93ks4uW0w5MCokroqljNj
VkUUMypyGIHU9Kb27L28WgmK4wVqwJmS0T+lAbz19VSvbjNRSKhbOZVKxF02Ae67
qeQJlqVqUZbTyKunoP+HFW37/ULS+RBtnonbLWjO3U3jOGeqB0RVeNTz69O1ynol
LiRufUMgw5/L7evZcpM7Jk4FhXP4KS2840a7Sjf3Jcj9Vcys9cLaFOugvvPHatge
or9A6M0N/Yteg64O0mQ+ngKijMyVFry3WWjH1I0O6R4LPrmWjG7InfSemQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOuep2FEcWN3iCigA8lu77X89kLxMB8GA1UdIwQY
MBaAFKqcnJWljDgRvaldyDwuSHogDEwlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXB5Y2xhV01PQkc5cVYzSVBDNUllaUFNVENVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83NWEyMmUtYWU5NS00ZTkzLTk0M2Et
NDFhMDY3NmVkZDYxLzEvNjU2bllVUnhZM2VJS0tBRHlXN3Z0ZnoyUXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83NWEyMmUtYWU5NS00ZTkzLTk0M2EtNDFhMDY3NmVkZDYx
LzEvcXB5Y2xhV01PQkc5cVYzSVBDNUllaUFNVENVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuTe8AwQB
uTe+MA0GCSqGSIb3DQEBCwUAA4IBAQCNT813tg0I7VKevIRdOQhNQRJZSUbpaZXy
mCWU1bymH2zEVd805P6XmaNbrHaHPZ+PD0DC18FEYrXE6MKUdsECIY19JczzmwCu
j0pk3aXGKDLw7ong8os+/mJz7bxR3LXDA8QS65nA3K/Ecf1zUBOIAF3ikuLCExo9
kWtL77SRiwVr7LIAGCyxMmwiZ05pKY27jCPylMf7Da04vVEpGhL2zVVYtYwlT8qD
tGdDZMMSpz8Dkw7lfm/6Z5Qo6CV6cyge1XQuuIkc0FKl/Q6ZgQCvvre0KpglxcO/
JN8eDxrE2Tg5hr6tGlscwPlg5R5Jiqa8XiULFXbsgVStFixAEtyU
-----END CERTIFICATE-----
Generated at Thu May 2 06:17:18 2024 by rpki-client on console-ams.rpki-client.org